The following updates were released to the Kentik platform during April 2026.
AI / Insights
Features
- Durable tool approval flow: AI Advisor tool approvals now persist across page refreshes, deployments, and long approval windows, enabling multi-hour human-in-the-loop Auto Investigation scenarios.
- Auto-approved tools support: Added support for auto-approved tools so certain remediation actions can execute without per-turn human approval, plus a new endpoint listing all available tools and their status.
- Approval-pending visibility: AI Advisor now surfaces an awaiting-approval state at the session level when any message needs user approval.
- Faster, asynchronous chat: AI Advisor chat now accepts user messages with an immediate response and lets clients poll for results, improving responsiveness.
- AI Advisor traceroute analysis for Synthetics: You can now ask AI Advisor to analyze traceroute results for a given IP and agent, with hop-by-hop latency returned for troubleshooting.
- Improved NMS query tool reliability: The AI Advisor NMS tool was ported to TypeScript and hardened against schema validation errors that could cause natural-language query failures.
- RBAC enforcement for AI tools: AI Advisor now respects role-based permissions, so users only see tools they are entitled to and cannot access restricted data through natural-language queries.
Bug Fixes
- Syslog & Trap tool now returns results: Fixed the AI Advisor Syslog & Trap tool failing to return data by validating queries against dynamically loaded dictionary values.
- Overlay mode reconnect crash fixed: Resolved a crash when entering a prompt after a server restart or websocket reconnection.
- Reduced response cutoffs: Increased AI Advisor output token limits and made turn compression less aggressive so investigation responses are no longer truncated.
- Chat memory leak fixed: Fixed a memory leak in chat sessions where reconnect listeners were not cleaned up, improving stability.
- Reliable market intelligence queries: Market Intelligence (KMI) insights now use a fixed lookback date instead of a dynamic timestamp for consistent, predictable results.
- Protected insights from rogue restrictions: Hardened the insights restriction endpoint to prevent security scanners from inadvertently creating DENY rules that disabled insights.
Alerting
Features
- Unified Policy Form: All policy creation and editing (NMS, Flow/Traffic, Kevent) is now consolidated into a single streamlined form, replacing fragmented type-specific dialogs. Cloud policies are remapped to Traffic policies, and Kmetrics policies are rebranded "NMS - Classic Threshold."
- Improved mitigation platform status: Mitigation platform settings now display detailed, real-time status for DDoS platforms (BGP, Adaptive Flowspec, CFMT, non-BGP appliances), including BGP prefix status and error logs.
- ServiceNow API type support: You can now choose between Table and Event API types when configuring ServiceNow notification channels.
- External context on alerts: Alerts can now be linked to external ServiceNow incidents, with the context shown in the Alert Drawer.
- Alert capacity visibility: Policies now show active alarm counts against their limits with warnings when near or at capacity, preventing silent failures.
- Syslog/SNMP traps rolling window mode: Policies now support a rolling-window activation mode with configurable activation delay, clearance delay, frequency, time window, and grace period.
- Improved alert debugging: A redesigned baseline debug chart clearly shows alert conditions, comparison direction, baseline calculations, and flexible time ranges (15 min–12 hr).
- Alert policies for agent capabilities: A new agent capability entity type lets you create alert policies for individual Universal Agent capabilities.
- Richer alert drawer: The drawer now shows application and severity labels with a state-duration summary, a standardized status tag with an animated Active→Cleared transition, and restored Alert Details / AI Investigation buttons.
Bug Fixes
- Optional clear comment: The Comment field is now optional when clearing alerts.
- Complete mitigation method lists: Default list limits were raised so customers with 100+ mitigation methods/platforms see them all.
- Accurate syslog alert charts: Syslog alert detail charts now filter to the specific alert match instead of all matching messages.
- CIDR dimension fix: Configured CIDR values in alert policies are now preserved instead of reset to defaults.
Cloud
Features
- Custom GCP service accounts: Cloud export configuration now supports custom GCP service account authentication, letting you choose between Kentik Enterprise credentials and your own service accounts and reuse them across exports.
- Custom Azure SPN credentials: Updated support for enrichment scope configuration with custom Azure Service Principal credentials with specific subscriptions during onboarding.
- Cloud Metadata API status reporting: A new Cloud Config Status page provides AI-generated summaries, cross-provider statistics, an admin table with export, and on-demand refresh of API status.
- Per-compartment OCI topology: OCI topology data is now organized per compartment with enhanced caching and per-compartment API status tracking for faster, more granular queries.
- OCI us-lenexa region support: The OCI Map and Cloud Config pages now support the us-lenexa region.
- Enhanced cloud metrics: Cloud API call metrics add service_name and operation_name dimensions and standardized provider labels for granular operation tracking.
Bug Fixes
- Optional OCI user ID: The OCI user ID field is now optional when creating or updating OCI cloud exports.
- Accurate Azure subscription names & pagination: Azure Map subscription names resolve more accurately and Azure Resource Graph pagination works correctly for large resource sets.
- Removed deprecated Azure Classic VNet: Eliminated deprecated Azure Classic VNet API calls that caused spurious 500 errors and alert noise.
- Better AWS topology error handling: Real AWS API errors are now surfaced instead of being masked by TypeErrors, with guards against crashes from missing resources.
- GCP export editing fix: Existing GCP cloud exports can be edited again after fixing a default-value validation error.
- AWS Map on-prem visibility: The AWS Map now shows all on-premises devices instead of filtering out non-public virtual interfaces.
- Azure Express Route peering: Azure topology now correctly shows both primary and secondary peering connections to on-prem devices.
- Consistent cloud selectors: Account and subscription selectors across AWS, Azure, and OCI now align consistently and always show icons.
- AWS populators load all accounts: Refreshing AWS populators now loads all AWS accounts for complete topology configuration.
- OCI compartment selector responsiveness: The OCI compartment selector now updates reliably and stays in sync with form state.
- Refined Data Explorer filters: Fixed excessive filter additions for VPC ID and related metrics in "Include in new query."
- Removed Cloud Performance Monitor: The deprecated Cloud Performance Monitor and cloud interconnect views were removed from the product.
- Cost group Data Explorer link: "View in Data Explorer" from the Cost Group drawer now uses the correct query and time range.
NMS
Features
- SNMP unification generally available: Unified SNMP device monitoring templates and flow enrichment are now available to all customers, with the feature flag removed.
- SNMP polling health on Device Details: The Device Details telemetry tab now shows eight SNMP polling KPIs (agent status, OIDs/sec, polling health score, successful fetch %, retries, and timing) with time-range selection and auto-refresh.
- Richer BGP neighbors table: The BGP neighbors table now shows remote device/interface and local interface as clickable links with graceful fallback.
- More accurate query building: The NMS query builder now uses QueryColumn references for metrics and dimensions, improving sorting, filtering, and aggregation accuracy.
- Updated device metadata: Added new device models and corrected enterprise mappings for device discovery.
Bug Fixes
- Kentik Map fixes: Resolved a "getMaxDateRangeForQuery is not a function" error, restored the map right-click "View Device Details" menu, and fixed logical map topology errors.
- Disable BGP via API: Setting BGP type to 'none' now clears the associated BGP device ID so the API request passes validation.
- Accurate SNMP cost calculation: Corrected cost undercounting for kentik_agent SNMP collection by using the actual 60-second polling interval, with a tool to recalculate six months of historical costs.
- Enforced device plan limits: Adding devices beyond a plan limit now correctly returns the expected error.
- Topology accuracy: Removed spurious topology links from identical IPs and stale interface references for cleaner maps.
- Correct interface health: Fixed a unit-conversion error that inflated interface utilization substantially, eliminating false health alerts.
- API version fallback: ktranslate now falls back to an older site API version when the newer one is unavailable, keeping device enrichment working.
- Editable NMS query widgets: Query widget settings (legend, tooltips, sparklines, layout, etc.) are now exposed for editing and persist correctly.
- Chord chart hover: Kentik Map chord chart link hover now uses color swaps for clearer, faster visual feedback.
Platform
Features
- Audit Log improvements: The Audit Log page adds resizable columns, searchable username/email, human-readable "Observation Deck" path mapping, and a new clickable "Object" column linking to modified resources.
- Universal Agent management: Added permission checks based on config feature flags, a DEGRADED health status, an in-drawer "Authorize" button, and a configurable kproxy agents page.
- Flowproxy enabled by default: New accounts now have the flowproxy capability enabled by default.
- Improved board variables UX: Board variable and custom filter controls were refreshed, including clearer "Filter Name" terminology and improved variable mapping display.
- Library defaults: The Library list now defaults to sorting by your personal "Last Viewed" history.
- Interface classification UX: A cleaner tabbed interface (Rules/Devices/Unclassified) with real-time WebSocket feedback for rule testing.
- Expanded cluster & group health: Cluster and group health indicators now show all severity levels (Healthy, Warning, Degraded, Critical, Down) with color-coding instead of "Unknown."
Bug Fixes
- Interface classification performance: Prevents browser out-of-memory crashes for large companies by using new APIs and virtualization, with a fix for the "refresh classifications" banner.
- Stronger SSO/auth security: SSO Entry Point URLs are now validated to require HTTPS, and WebAuthn now works on public ephemeral preview environments.
- Board editing reliability: Fixed adding sections and panels to new/unsaved boards, layout not saving, panel save race conditions, draft indicators, panel descriptions, and a crash on missing panel config.
- Toasts above overlays: Toast notifications now appear on top of modal overlays.
- RBAC table filters persist: Single-filter selections now persist in the RBAC permissions table.
- Bulk role update fix: Empty bulk role updates no longer wipe role assignments.
- BGP entitlement display: Edge plans now correctly show BGP as "Enabled" instead of "Enabled (Partial)."
- Device status caching: The device status job now handles large device counts correctly.
- New dashboard dialog: Fixed filter types not applying when creating a new dashboard.
- Universal Agent device link: Fixed the broken "closest device" hyperlink in the agent details view.
- Panel description persistence: Dashboard panel descriptions are now saved correctly.
Synthetics
Features
- Test List dashboard item: A new dashboard item displays all synthetic tests with health status and key metrics in a searchable table, with health summary tabs, MIN/AVG/MAX toggle, column settings, and CSV export.
- Filter synthetics by label: You can now filter Synthetics measurements by agent and test labels, including two new guided dimensions for label-based filtering.
- HTTP test task targets: You can select task targets for HTTP synthetic tests, now the default dimension for HTTP results instead of destination address.
- Test configuration drawer: A settings button on the agent details and BGP results pages opens a side drawer showing test configuration.
- Customizable performance dashboard: The Synthetics performance dashboard can now be customized.
- Agent hostname metadata: Synthetic agents now report and store hostname metadata for better identification and troubleshooting.
- Agent alert suppression docs: Added documentation explaining how maintenance windows manage agent alert suppression.
Bug Fixes
- Incident log widget: Fixed the incident log widget showing no alarms by providing default severity and state filters.
- Synthetics Meshes widget: The Meshes widget now works within boards, auto-selecting the first two meshes by default and allowing re-add after removal.
- Mesh overview widget saving: Mesh overview widgets now save mesh selection and ordering, with initially-visible tests selected by default.
- Edit panels with deleted tests: Synthetics dashboard panels backed by deleted tests can now be edited without error.
Traffic
Features
- Interface description & device filters: A new "Interface Description" guided dimension lets you query by SNMP interface descriptions, with improved device-name filtering supporting string and regex operators.
Bug Fixes
- Complete flow telemetry: Device Details now queries all three flow measurement sources and selects the one with the highest volume, ensuring complete and accurate flow data.
- CDN/OTT parametric filters: Fixed parametric filter types for CDN and OTT services by correcting filter field references.
- Dimension selector cleanup: Removed the automatic "Custom" prefix from the chart-type dimension selector for a cleaner selection experience.
- Accurate country filter: Data Explorer now correctly extracts ISO country codes from geography dimensions.
- Connectivity cost cleanup: Orphaned interface charges are now automatically removed from cost groups while preserving global charges.